On Sun, Oct 16, 2016 at 11:37 AM, Ishara Karunarathna <[email protected]> wrote:
> Hi All, > > With the current IS implementation We have individual SP configurations > and we associate authentication chains, claim, provisioning configurations > etc.. to that service provider configuration. > As a improvement to this we can group these configurations lets say a > security circle. > +1 > > For a security circle [SC]. > We can configure set of service providers within a SC. > Associate Userstores to that SC > Define Authentication chain, Provision config etc.. > Configre Administration policies Ex: only users in wso2admin can manage > the wso2 security circle. > Are we using XACML? May be Administration/Delegation profile... > Group authorization policies belong to this circle. > Once we configure those it will be applicable to all service providers and > can override with SP level configurations. > We can have different login sessions to each circle. > So; end user will have different session for each SC in same browser ? Is SC an internal detail or expose to end users (I meant whether it is like tenant domain)? Does request contain some detail/param on SC? Thanks, Asela. > > How can we use this. > Achieve Enterprise SaaS application use case discussed in [1] > No need to configure same configurations in each SP level can inherit from > SC configurations. > Since we are going with container base Multi tenancy in C5, If a user does > not like, that can be handle with this security circle. > > Thanks, > Ishara > [1] "[C5 IS] Multi-tenancy in C5 based IS" > > -- > Ishara Karunarathna > Associate Technical Lead > WSO2 Inc. - lean . enterprise . middleware | wso2.com > > email: [email protected], blog: isharaaruna.blogspot.com, mobile: > +94717996791 > > > > _______________________________________________ > Architecture mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture > > -- Thanks & Regards, Asela ATL Mobile : +94 777 625 933 +358 449 228 979 http://soasecurity.org/ http://xacmlinfo.org/
_______________________________________________ Architecture mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/architecture
